The Challenge
In Q3 of 2024, the CEO of a UK-based bank received an email from a ransomware group, informing him that the bank's data had been encrypted and would be released on the dark web unless a ransom demand was paid. Although several insurers and consultants were engaged to resolve the situation, the slow response times made it clear that an alternative approach would be needed.
Finally, in order to minimise the resulting downtime and resume operations as soon as possible, without giving in to the criminals' ransom demand, the organisation engaged Exponential-e to restore and secure their critical servers. With even the shortest period of downtime resulting in serious financial and reputational damage, a team of incident response specialists immediately began the restoration process, aiming to have the bank's systems back online in days rather than weeks.
The Solution
The restoration process began with a thorough audit of the IT ecosystem to establish which servers had been impacted, after which the affected VMs were powered down. A new, fully isolated VDC was created to store these VMs once they were recovered, along with a completely new firewall zone.
With the affected servers restored into this new VDC zone, firewalls were established to allow for the most basic access, after which malware scans were conducted. These scans continued for two days, during which the customer was granted initial access to the servers via a temporary SSL VPN with Azure MFA, allowing them to resume operations in just three days.
At this point, Zerto replication was set up for the new VMs, while Exponential-e simultaneously engaged with the third party that was conducting a forensic investigation.
Connectivity was soon re-established for the customer's other offices, at which point users were brought back online. Firewall logs were provided for the forensic team, along with initial access to VM images via vCloud Director.
Finally, a test rebuild of the affected VMs was conducted and finalised within two days, and additional firewall policies established.
Exponential-e has repeated variations of this process for multiple other organisations affected by ransomware attacks, allowing them to resume operations as quickly as possible and ensure their critical infrastructure is secured against future attacks.
The Result
Ongoing communication between all parties involved ,including a dedicated team of incident response specialists at Exponential-e with a defined action plan ensured a seamless restoration process. Day-to-day operations resumed in just seven days, without paying the criminals' ransom demand.
Don't wait for a crisis to expose the cracks, fortify your defences today. Discover how expert response turned seven days of chaos into operational recovery.
231 Hits
The level of legacy debt varies widely across the NHS and a recent report from the Department of Science Technology and Innovation (DSIT) has revealed that legacy technology can range from as little as 10 to as much as 60-70%. This reliance on outdated systems presents a significant cyber security challenge, heightened by the fact that 15% of surveyed organisations could not estimate the size of their legacy estate. The report also highlights that these systems are high-risk, prone to security vulnerabilities, lack support, and subject to operational failures.
923 Hits
Establishing a world-class digital foundation for emergency services across the UK
About the ARP
The Ambulance Radio Programme (ARP) delivers mission-critical communication and mobilisation technologies to ensure effective communication between Ambulance Service Trusts, the NHS, and other emergency responders across the UK.
The Challenge
The successful delivery of emergency services depends on critical platforms being always on and always available, ensuring citizens in the most remote areas can always make contact and receive aid as quickly as possible. With even the smallest periods of downtime potentially costing lives, ARP demands the highest standards of performance and resilience from its underlying connectivity, with rigorous SLAs in place to ensure these targets are met.
In order to further optimise the availability of emergency services across the UK, there are currently two major programmes being implemented by ARP across the UK. The Control Room Solution (CRS), which is utilised by ambulance services across England and Scotland, ensuring critical communications between the emergency control room dispatchers and operational crews are completely seamless. The Mobile Data & Vehicle Solution (MDVS) will replace legacy communications equipment for the English and Welsh Ambulance Service Trusts.
Both programmes required a secure, resilient, and highly available IT infrastructure as the underlying foundation, for which ARP selected the Exponential-e Group - encompassing Exponential-e, Vysiion, and Xpertex - as their trusted technology partner.
The programme has lots of moving parts, and a lot of key users and stakeholders - all with unique needs and ways of working. ARP needed a team, processes, and technologies which could be used to create a common service, capable of integrating with each Ambulance Trust and user organisation.
Mathew Baker, IT Service Manager, ARP
The Solution
The Exponential-e Group has worked closely with ARP for a number of years, beginning with the CNAM project, which Vysiion successfully executed before its acquisition by the Group. Here, multiple critical platforms that were previously managed on a regional basis, with discrete infrastructure and applications run independently by each Trust across England and Wales, were fully centralised in ARP's data centres, including both CRS and MDVS. A whole new network was utilised as the foundation, connecting the centralised ARP control room applications to each regional Trust's control rooms. This highly resilient network infrastructure was designed to maintain the highest levels of uptime and availability across all regions, optimising the delivery of critical services.
ARP would later build on these early successes, engaging the wider Exponential-e Group as its requirements evolved. Exponential-e later delivered a fully centralised, UK-based service desk, available 24 / 7, and continues to work with ARP's own teams to identify new opportunities for service improvements and process optimisation.
Over the course of several years, the partnership between ARP and the Exponential-e Group has continued to evolve and is now in a strong position to take on further challenges. A particular focus is the digitisation of processes and onboarding of multiple new solutions to further optimise the availability and delivery of emergency services nationwide.
Solution benefits
- Full centralisation of multiple critical platforms, powered by a highly resilient, highly available private network, supporting consistent performance and availability of critical services across all regions.
- A 24 / 7, UK-based service desk for all IT-related questions, concerns, and incident management.
- A partnership built on trust, consultation, and service quality, driving ongoing improvements.
- Hands-on engagement and integration with other suppliers.
It's time for the public sector to have its own digital-revolution
The public sector's digital journey is accelerating at an unprecedented rate, with leading-edge technology transforming the way critical services are delivered across the country. This exclusive report from Exponential-e explores the challenges and opportunities involved, and explains how public sector organisations can be part of this digital revolution.
4523 Hits
© 2025 Exponential-e Ltd. Reg. No. 04499567, Reg. Address:100 Leman Street, London E1 8EU